ECDLPElliptic Curve Discrete Logarithm Problem
Copyright 1988-2018, All rights reserved.
References in periodicals archive ?
Unfortunately, we will show that wrong conclusions are made for the performance comparison between [5] and [6], probably due to a wrong translation, as [5] was expressed as a discrete logarithm problem (DLP) and [6] as an ECDLP. In addition, we add another certificate based and pairing free signature scheme, similar to the scheme of [6], following ideas of [7], where the signature scheme is based on the proposal of Schnorr [15].
It is known that the discrete logarithm problem based on ECC (ECDLP) of any elliptic curve element that has a public point known base point, is harder than the discrete logarithm problem (DLP) over the finite field [F.sub.q]
The proposed protocol is existentially unforgeable against adaptive chosen-message attacks (EUF-CMA-II) of the Type I adversary [A.sub.1] in the random oracle model under the ECDLP assumption.
When trying to obtain t, r, or any valuable information, the attacker faces the computational Diffie-Hellman problem and ECDLP. Any modification on the messages will be detected, because R and T are signed by private keys r and t' respectively, and the received ID is compared with the stored ID;.
The security of elliptic curve cryptography is based on the difficulty of the ECDLP. Like any other discrete logarithm problem, ECDLP can be solved by generic algorithms such as the Baby-Step Giant-Step method [1] and Pollard rho method [2].
Elliptic Curve Discrete Logarithm Problem (ECDLP): Given the equation P = kG where P, G [member of] [E.sub.p](a, b) and k < p, it is relatively easy to compute P when the values of k and G are known, but it is hard to evaluate k given the values of P and G.
Some constructions further utilize the bilinear pairing to enhance the functionalities and performance [14, 15], but the security of these constructions was also rooted in the intractability assumption of ECDLP. Unfortunately, IFP and DLP as well as ECDLP could be efficiently solved by Shor's quantum algorithms [16, 17] and its extensions [18].
If an adversary Ab has a nonnegligible advantage E against the IND-CLGSC-CCA2-I security of our scheme and Performing [mathematical expression not reproducible], queries to oracles Ht (i = 0, 1, 2), [q.sub.ppk] Extract-Partial-Private-Key queries, and [] Set-Private-Key queries, then there is an algorithm that solves the ECDLP problem with probability [mathematical expression not reproducible].
Definition 3.2.2 (ECDLP, Elliptic Curve Discrete Logarithm Problem).
Mohanty, "An ECDLP based untraceable blind signature scheme," in Proceedings of the Circuits, Power and Computing Technologies (ICCPCT), International Conference on.